reading-digest

Pass

Audited by Gen Agent Trust Hub on Mar 26, 2026

Risk Level: SAFE
Full Analysis
  • [SAFE]: The skill uses established MCP tools (yuque_get_doc, yuque_create_doc, etc.) to perform its stated functions. Its workflow is transparent and limited to reading and writing documents within the user's authorized Yuque environment. No credentials or sensitive system paths are accessed.
  • [INDIRECT_PROMPT_INJECTION]: The skill processes untrusted content from external articles, creating a potential surface for indirect prompt injection.
    1. Ingestion points: Article text via yuque_get_doc or user input.
    2. Boundary markers: Not used in the prompt construction.
    3. Capability inventory: Includes the ability to create documents and list repositories via the Yuque MCP server.
    4. Sanitization: No filtering or validation of the retrieved text is performed.
    This is a standard risk for summarization tools and does not constitute a malicious finding in this context.
Audit Metadata
Risk Level: SAFE
Analyzed: Mar 26, 2026, 12:34 AM